Receiving device for securely storing a content item, and playback device



The invention relates to a receiving device for securely storing a content item,
comprising downloading means for downloading the content item, writing means for writing
the downloaded content item to a storage medium, and licensing means for obtaining a
license file from a license server, the license file at least comprising a permission to write the
downloaded content item to the storage medium.

The invention further relates to a playback device for playing a content item
stored on a storage medium, comprising playback means for playing back the content item in
accordance with a permission in a license file for the content item, stored on the storage
medium.

File sharing services such as Napster (http://www.napster.com/) or Gnutella
(http://www.gnutella.co.uk/) are widely known on the Internet. They are used by millions of
users to exchange content items such as music, typically in MP3 format. Each user can offer
his own music collection to everyone else, which allows everyone to have a large selection of
music available for downloading. However, the music offered on these file-sharing services
is typically popular music, and is offered without the permission of the copyright holders. To
ensure the copyright holders get the royalties they are entitled to, some file sharing services
have started to charge a subscription fee to their users. Part of the revenue from the subscription
fees can then be used to pay the copyright holders.

In order to prevent users from distributing content items they downloaded in
an unauthorized manner, these items are made available in a secure fashion. For instance,
they can be distributed in an encrypted format, whereby software on the receiving device will
permit playback but not storing in unencrypted form. One technology for securing content
items is the Intertrust "Digifile" technology, known from e.g. U.S. Patent 5,892,900.
According to this patent, music is stored in a secure digital container, the Digifile. The
receiver must obtain a license file from a license server. This license file provides a set of
permissions, for example permission to play back the music, or permission to store the
content item on a storage medium. The user of course has to pay a certain amount of money
for each permission. The license file also contains a decryption key or other information
required to access the music inside the Digifile. When the playback device has obtained a
license, it can decrypt the music and play it to the user. The user can distribute the Digifile to
others, but these others cannot decrypt the music without buying their own license file. Other
technologies for securing content items work in a similar fashion.

The permissions can be transferred together with the Digifile to another
device, so that the other device can play back the content. However, this typically requires
that the other device is connected to the receiver in order to transfer Digifile and permissions.
Alternatively, the license file can be coupled to the user, but this has the disadvantage that the
user must authenticate himself on every device on which he wants to play back the content.

The known arrangements have the disadvantage that they do not adhere to the
expectations that users are currently used to with respect to buying and listening to music. If
a user buys a compact disc (CD) in a store, he pays once and then can play the CD in any
device in his possession, or even in devices owned by others. He does not expect to have to
pay for every time he plays back the music, or to perform cumbersome actions to transfer the
music and the associated permissions to other devices. Further, pay-per-use schemes require
that the playback device is connected to a network so the payment can be made and the
license file can be provided. This makes it hard to use portable devices in these arrangements.



It is an object of the invention to provide a receiving device according to the 
preamble, which allows persistent control over the usage of the content item on the storage 
medium and also adheres to user expectations of the usage. 

This object is achieved in accordance with the invention in a receiving device
which is characterized by license locking means for encrypting the license file with an
encryption key associated with a group of playback devices, and for providing the encrypted
license file to the writing means for writing the encrypted license file to the storage medium.
A storage medium on which content items are stored by such a receiving device can be
copied in an unlimited fashion, but these content items can only be played on the playback
devices in the group with which the encryption key is associated, and in accordance with the
license file.

A user needs only define once the group of playback devices on which he
would like to play the content item. He can do this for instance by adding every playback
device to a group directly after buying it. He can then freely use the storage media written to
by the receiving device. It is always possible to extend the group when the user buys new
playback devices, since they can be added at any time, and the content item is stored so that
any device in the group can access it, as will become apparent below.

It is known per se to encrypt data so that only a particular device can read it,
for instance by encrypting the data with the public key of that particular device, preferably
with the use of a session key. This means that the license file could alternatively be encrypted
multiple times using multiple public keys, once for each playback device in the group. This
has the disadvantage that the amount of data on the storage medium increases somewhat, but
more importantly that it is then impossible to add a new device to the group and give it access
to the content item. The license file has in that case been encrypted in such a fashion that
only the playback devices that were already in the group at encryption time can decrypt it, so
it is not possible for the receiving device to obtain the license file in order to encrypt it with
the public key of the newly added device. By using a group key, no extra steps are necessary
in the receiving device, and no modifications need to be made to the storage medium. The
newly added playback device simply obtains the decryption key for the group and is then
able to decrypt the license file.

In an embodiment the license locking means are arranged for encrypting the
license file with a License Locker Encryption Key (LLEK), encrypting the LLEK with the
encryption key associated with the group of playback devices, and additionally providing the
encrypted LLEK to the writing means for writing the encrypted LLEK to the storage
medium. A playback device that can decrypt the encrypted LLEK can then also decrypt the
license file. The license file can then be used to play back the content item in accordance with
the permissions therein. This provides additional flexibility.

In a further embodiment the encryption key is the public key of a public/secret
key pair. The corresponding secret key is available in the playback devices in the group, so
they can easily decrypt the encrypted license file. This has the additional advantage that now
the encryption key does not need to be secured, so the receiving device does not have to take
any measures to guard this key. If the encryption key were a secret (symmetric) key, a
malicious user could steal the key from the receiving device and then decrypt the license file
and play back the content item on any device.

In a further embodiment the content item comprises at least one of audio and
video data. The popularity of music sharing services such as Napster has made it clear that
there is a great demand for the distribution of music and other audio content. The same is to
be expected for video, once network bandwidth is large enough to permit the large-scale
distribution of video data. By providing receiving devices according to the invention which
can facilitate secure distribution on storage media, distribution amongst groups of people
becomes possible.

In a further embodiment the license locking means are further arranged for
receiving a selection of an identifier of the group and for obtaining the encryption key
associated with the selection from a keyserver. If the user has defined multiple groups, it is
preferable that he can choose which one to use when writing the content item to the storage
medium. By providing the public key for the group on the keyserver, it becomes possible for
one user to securely store content items which another user can play back. So, for instance,
the user can download and store a set of songs on a storage medium using the public key of a
group registered to a friend. He can then give the storage medium to the friend, e.g. as a
present, who can then play it on every device in his group. This allows the user to include
only the content items he knows his friend will like, thereby creating a personalized present.

It is a further object of the invention to provide a playback device according to
the preamble, which allows persistent control over the usage of the content item on the
storage medium and also adheres to user expectations of the usage.

This object is achieved in accordance with the invention in a playback device
which is characterized in that the license file is stored encrypted on the storage medium, and in that
the playback device further comprises secure storage means for storing one or more
decryption keys, each decryption key being associated with a respective group of playback
devices, decoding means for checking whether a stored decryption key is suitable for
decrypting the encrypted license file, and if so, decrypting the license file using the stored
decryption key and providing the decrypted license file to the playback means. Since the
license file is stored encrypted, only a playback device which can decrypt it can access and
use the content item. If the playback device is in the correct group, as chosen by the user
when the content item was written to the storage medium, the correct decryption key is
provided in secure storage means.

In an embodiment the license file is stored encrypted with a License Locker
Encryption Key (LLEK), said LLEK being stored on the storage medium encrypted with an
LLEK encryption key, the one or more decryption keys are LLEK decryption keys, and the
decoding means are arranged for checking whether a stored LLEK decryption key is suitable
for decrypting the encrypted LLEK, and if so, obtaining the LLEK from the encrypted LLEK
using the stored LLEK decryption key, and decrypting the license file using the LLEK. Using
the LLEK as a session key provides additional flexibility.

In a further embodiment the decryption key is the secret key of a public/secret
key pair. Using public key encryption makes the distribution of the encryption keys much
easier, since they do not have to be kept secret. The encryption key can now simply be
transmitted in the clear to the receiving device, which encrypts the license file with it. Only
the playback device that has the corresponding secret decryption key can then decrypt the
license file and access the license file.

In a further embodiment the playback device further comprises registration
means for registering a public key of a public/secret key pair associated with the playback
device at a Content Distribution Management System (CDMS), the secret key of said
public/secret key pair being stored in the secure storage means, and for receiving a
decryption key encrypted with said public key, decrypting said encrypted decryption key and
storing the decryption key in the secure storage means. By facilitating the distribution of the
secret key for the group to playback devices in this fashion, it is achieved that at no time the
secret key is exposed to a malicious user, and no playback device can get access to the secret
key without having registered.

The invention further relates to a computer program product for enabling a
programmable device when executing said computer program product to function as the
receiving device according to the invention.

The invention further relates to a computer program product for enabling a
programmable device when executing said computer program product to function as the
playback device according to the invention.



These and other aspects of the invention will be apparent from and elucidated
with reference to the embodiments shown in the drawing, in which:

Fig. 1 schematically shows a first embodiment of an arrangement according to
the invention;

Fig. 2 schematically shows the receiving device according to the invention in
more detail;

Fig. 3 schematically shows the playback device according to the invention in
more detail; and

Fig. 4 schematically shows a second embodiment of the arrangement.



(26) JP 2004-534291 A 2004.11.11 



wo 02/073378 PCT/IB02/0(>245 


Throughout the figures, same reference numerals indicate similar or
corresponding features. Some of the features indicated in the drawings are typically
implemented in software, and as such represent software entities, such as software modules
or objects.

Fig. 1 schematically shows an arrangement 100 comprising a transmitting
device 101 and a receiving device 110, connected via a network 105 such as the Internet.
Also connected to the network are a keyserver 130 and a license server 140, whose workings
will become apparent below. The arrangement 100 enables the receiving device 110 to
download content items such as content item 102 from the transmitting device 101. In a
preferred embodiment the transmitting device 101 and the receiving device 110 are
connected in a peer-to-peer fashion, allowing them to share files with each other. In this
embodiment, a directory server (not shown) can be provided to allow the receiving device
110 to find out which files are available on the transmitting device 101 without having to
contact the transmitting device 101 directly. This is particularly useful if the transmitting
device 101 is one of a plurality of transmitting devices, connected to each other and to the
receiving device 110 in a peer-to-peer fashion. In such a case, the receiving device 110 may
additionally be arranged to operate as a transmitting device for other devices in the
arrangement, in a peer-to-peer fashion. In another embodiment the transmitting device 101 is
a file server from which the receiving device 110 can download content items.

The term content item refers to any kind of material which people may want to
download. In particular it refers to items such as television programs, movies, music, articles
or books. Content item 102 is made available on the transmitting device 101 in a secure
fashion. In a preferred embodiment, the content item 102 is made available in the Intertrust
"Digifile" format, known from e.g. U.S. Patent 5,892,900. Other technologies for securing
content items, such as the CD-I format, can also be used. The content item 102 in the secure
format may optionally be accompanied by a 'teaser', representative of the content item, in an
insecure format. This allows users to view the teaser to find out if they like the content item
102 without having to buy it.

The receiving device 110 is able to download content item 102 if it is made
available in such a secure format, as will become apparent below. The receiving device 110
can be for instance a set top box, a personal computer, gateway to a home network, or a
consumer electronics (CE) device. With the appropriate permission, it can then play back the
content item 102, possibly with the aid of a separate playback device (not shown). For
instance, the receiving device 110 may be a set top box which downloads the content item
102, and transmits it to a personal entertainment system which can play it for the user.

The user can buy a license file for use with the content item 102 from a license
server 140. This license file provides a set of permissions, for example a permission to play
back the music, or a permission to store the content item on a storage medium. The user of
course has to pay a certain amount of money for each permission. This money can be
provided by having the user supply credit card information, or by identifying the user and
charging the amount of money to an account for the user, or through other known ways of
handling payments over a network. The license file also contains a decryption key or other
information required to access the content item 102.

When the user has bought the permission to store the content item 102, the
receiving device 110 can write the content item 102 to a storage medium 111, preferably a
recordable compact disc, although of course other storage media such as recordable Digital
Versatile Discs (DVD), hard disks or solid state memory cards will also do. The content item
102 is written to the storage medium 111 in a secure fashion, for example in the same secure
format it was downloaded in. It may however be advantageous to use a different technology
for secure distribution of content, for example when the devices that will read the content
item 102 from the storage medium 111 cannot process the secure format in which the content
item 102 was downloaded.

The user can then provide the storage medium 111, which is preferably a
removable storage medium, to an appropriate playback device, such as video playback device
120 or audio playback device 121. These can then read the content item 102 from the storage
medium 111 and play it to the user. To do this, they need a playback permission provided in a
license file for the content item 102. How they get this permission is explained with reference
to Fig. 3 below.

Fig. 2 schematically shows the receiving device 110 in more detail. The
content item 102 is downloaded by download module 201, as explained above. The
download module 201 can be, for instance, the downloading component of the well-known
Napster file-sharing client. A transcoding module 202 processes the downloaded content item
102 by translating it into a format suitable for storing on the storage medium 111. This may
involve decrypting the content item 102 and encrypting it using a different encryption
technique. However, if the original secure format is acceptable, the transcoding module 202
is not necessary. A writing module 203 then writes the content item 102 to the storage
medium 111.

A licensing module 204 obtains a license file 141 from the license server 140.
This license file 141 must at least comprise the permission to write the content item 102 to
the storage medium 111. If permission to store does not imply permission to play back the
stored content item 102, then the license file 141 must also comprise permission to play back.
The licensing module 204 interfaces between the license server 140 and the user, and can be
implemented as a known licensing module, for instance the licensing module as provided in
the Intertrust arrangement. This licensing module provides an interface to the user, with
which the user can pick the licensing conditions for the content item 102, such as permission
for one-time playback for a small amount of money, one-time playback for free in return for
filling in a questionnaire, or playback for a month for a larger amount of money.

The licensing module 204 provides the license file 141, if it has the
appropriate permission, to a license locking module 205, which produces an encrypted
version of the license file 141, hereafter referred to as the License Locker. The license file
141 is preferably encrypted using a session key, hereafter called the License Locker
Encryption Key (LLEK). The LLEK can be generated using known techniques for generating
session keys, for example by hashing the output of a pseudo-random number generator to
obtain a sequence of the required length, e.g. a 128-bit hash function such as MD5 when a
128-bit encryption algorithm is used in encrypting the license file 141.

The license locking module 205 provides the License Locker to the writing
module 203, which writes it to the storage medium 111 together with the content item 102. In
some storage media, for instance recordable compact discs, it is necessary to write all data to
the medium at once. When such a storage medium is used, the writing module 203 may have
to buffer the data to be written until all data has been obtained. For e.g. removable hard disks
this is of course not required.

The LLEK is then also written to the storage medium 111, but in an encrypted
form. A playback device which can read the LLEK from the storage medium 111 and decrypt
it, can decrypt the license file 141 from the License Locker and is then able to play back the
content item 102. By providing the content item 102 and the license file 141 in this fashion,
the invention achieves that the user can play back the stored content item 102 on a playback
device that does not need to be connected to the network 105.

Alternatively to using a session key, the license file 141 can also be encrypted
directly with an encryption key, whose corresponding decryption key is available to the
playback devices that will later have access to the storage medium 111. The encryption can be
symmetric or asymmetric.

It is desirable that playback of the content item 102 is restricted to a limited
number of playback devices, since this allows the copyright holder to control the use of the
content item 102. However the management of the devices that can play the content should
be independent from the storage of the content item 102 on the storage medium 111 itself, in
order to make the arrangement 100 adhere to the user's expectations. Usually the buyer of the
content is not just playing it himself, but also his family is playing it on various devices
owned by the family. Friends and neighbors might also want to listen to the content item 102.
Generally speaking, the playback of the content item 102 should be permitted for a certain
group of people, or a group of devices owned by said group of people. In order to distinguish
groups of devices, each group is assigned a Group ID. The content item 102 is linked to the
Group ID, so that any device in the group can play back the content item 102 from the
storage medium 111. To this end, the license file is encrypted such that any device in the
group can decrypt it, but devices outside the group cannot.

In a preferred embodiment, the LLEK is encrypted with the public key of a
public/secret key pair associated with the group, whereby all devices in the group have access
to the corresponding secret key. Alternatively, a secret key encryption scheme can be used.
The license locking module 205 prompts the user to select a Group ID, e.g. from a list
displayed on a display coupled to the receiving device 110, and obtains the public key for the
group e.g. by retrieving it from the keyserver 130. It then encrypts the LLEK with the public
key for the group and provides the encrypted LLEK to the writing module 203 for writing on
the storage medium 111. The storage medium 111 can now be provided to a playback device,
such as video playback device 120 or audio playback device 121.

The receiving device 110 can be realized as a computer program product 200
being arranged for causing a processor to execute the steps described above. The computer
program product 200 enables a programmable device when executing said computer program
product to function as the receiving device 110. Since the receiving device 110 requires no
access to any secret keys, when a public key encryption scheme is used, it becomes possible
to completely realize the receiving device as computer program product 200, which can be
loaded and run on a PC, for example as an addition to file sharing programs such as Napster.
This provides an extension to the Napster client with which users can download and
redistribute music files, yet without removing the control desired by the copyright holders.

Fig. 3 schematically shows the audio playback device 121 in more detail.
Other playback devices, such as video playback device 120 can be realized in a similar
fashion. The user can provide the storage medium 111 to the playback device 121, e.g. by
inserting it into reception unit 301. The decoding module 302 reads the encrypted license file
141 from the storage medium 111 and decrypts it using a secret key stored in secure storage
module 309. In a preferred embodiment, the decoding module 302 reads the encrypted LLEK
from the storage medium 111 and uses the stored secret key to decrypt the encrypted LLEK.
The decoding module 302 then uses the thusly obtained LLEK to decrypt the License Locker
and obtains the license file 141.

It may happen that the decryption step requires a secret key that is not stored
in the secure storage module 309. In that case, the decoding module 302 will be unable to
decrypt the license file 141. Also, the playback device 121 may be included in more than one
group. In that case, it will have multiple decryption keys stored in its secure storage module,
one for each group it is in. So, the decoding module 302 should first check whether the
correct secret key is stored in the secure storage module 309, and depending on this check
decrypt the license file 141 or notify the user that obtaining the license file 141 is impossible
due to a missing decryption key.

This checking can be done in various ways, for example by comparing a key
identifier for the stored secret key with an identifier stored together with the encrypted
license file 141. Alternatively, the license file 141 may comprise a known piece of
information, such as a version number or a fixed textual string. In that case, the decoding
module 302 can attempt to decrypt the license file 141 and then compare the output with the
expected known piece of information. If the expected piece of information is missing in the
output, then the decryption key used was incorrect. Alternatively, the secret keys may
comprise an identifier for the group to which they belong, and the storage medium 111 may
comprise an identifier for the group for which the license file 141 has been encrypted. The
decoding module 302 can then retrieve the latter identifier and search for a secret key
comprising a matching identifier in the secure storage module 309. The decoding module can
also simply try to decrypt the license file 141 with each decryption key until one is found that
can be used to obtain a valid license file.
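
The License Locker layout written by the license locking module 205 and the key check performed by the decoding module 302, as an added example that is not part of the patent text. It assumes the symmetric alternative the description mentions for the group and device keys (the Python standard library has no public-key encryption), uses an HMAC-SHA256 encrypt-then-MAC construction as a stand-in for a real authenticated cipher, and draws the LLEK from the OS random generator instead of hashing PRNG output with MD5; all function names, field names and the `LICv1` marker are constructed.

```python
import hashlib
import hmac
import json
import secrets

MAGIC = b"LICv1"  # constructed "known piece of information" put in every license

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plain):
    """Stand-in authenticated cipher: HMAC-SHA256 keystream, then a MAC."""
    nonce = secrets.token_bytes(16)
    pad = _stream(_subkey(key, b"enc"), nonce, len(plain))
    ct = bytes(a ^ b for a, b in zip(plain, pad))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    """Return the plaintext, or None if the key is wrong or the data was altered."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    pad = _stream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, pad))

def lock_license(license_file, group_id, group_key):
    """License locking module: what is written next to the content item."""
    llek = secrets.token_bytes(16)  # 128-bit session key (LLEK)
    body = MAGIC + json.dumps(license_file, sort_keys=True).encode()
    return {"group_id": group_id,
            "enc_llek": seal(group_key, llek),    # LLEK locked to the group
            "license_locker": seal(llek, body)}   # license locked to the LLEK

def cdms_wrap_group_key(group_key, device_key):
    """CDMS: encrypt the group key once for one registered device."""
    return seal(device_key, group_key)

def register_device(secure_storage, group_id, wrapped, device_key):
    """Registration module: unwrap the group key into secure storage."""
    group_key = unseal(device_key, wrapped)
    if group_key is None:
        return False
    secure_storage[group_id] = group_key
    return True

def open_license(medium, secure_storage):
    """Decoding module: select a key by group identifier, else try each key."""
    gid = medium["group_id"]
    if gid in secure_storage:
        candidates = [secure_storage[gid]]
    else:
        candidates = list(secure_storage.values())
    for group_key in candidates:
        llek = unseal(group_key, medium["enc_llek"])
        if llek is None:
            continue  # key does not fit this medium
        plain = unseal(llek, medium["license_locker"])
        if plain is not None and plain.startswith(MAGIC):
            return json.loads(plain[len(MAGIC):])
    return None  # missing decryption key: the device should notify the user

def may_play(medium, secure_storage):
    """Playback module: play only if the license carries a play permission."""
    lic = open_license(medium, secure_storage)
    return lic is not None and "play" in lic.get("permissions", [])

def demo():
    """A device added to the group after writing can play the unchanged medium."""
    group_key, dev_old, dev_new = (secrets.token_bytes(32) for _ in range(3))
    lic = {"content_id": "item-102", "permissions": ["store", "play"]}  # constructed
    medium = lock_license(lic, "G1", group_key)
    old, new, outsider = {}, {}, {"G9": secrets.token_bytes(32)}
    register_device(old, "G1", cdms_wrap_group_key(group_key, dev_old), dev_old)
    before = may_play(medium, new)
    register_device(new, "G1", cdms_wrap_group_key(group_key, dev_new), dev_new)
    return {"old_device": may_play(medium, old),
            "new_device_before_enrolment": before,
            "new_device_after_enrolment": may_play(medium, new),
            "outsider": may_play(medium, outsider)}

if __name__ == "__main__":
    print(demo())
```
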

The decryption step can be realized in a variety of ways, depending in part on
how the secret key is stored in the secure storage module 309. This module 309 can be
realized as a hardware module with embedded decryption software, so that the decoding
module 302 can provide the encrypted license file 141 to the module 309, which decrypts it
using the appropriate decryption key, and returns the license file 141 in plain form to the
decoding module 302. This provides a large amount of security, because the actual secret key
is now stored in tamperproof hardware and cannot be read out by a malicious user.
Alternatively, the secure storage module 309 can simply be a read-only memory (ROM) from
which the decoding module 302 can read the secret decryption key and decrypt the license
file 141 itself. The module 309 can be provided on a smart card.

The decoding module 302 provides the license file 141 to the playback module
305. The playback module 305 reads the stored content item 102 from the storage medium
111 and verifies that there is a permission to playback in the license file 141. If so, it plays
the content item 102 e.g. by generating audio signals on loudspeakers 306.

The secret key installed in the playback device 121 in secure storage module
309 can simply be the secret key of the group, corresponding to the public key used by the
receiver 111 as outlined above with reference to Figure 2. This requires that the secret key for
the group must be distributed to every device that is added to the group, which is not very
practical and certainly not secure, unless highly tamper-resistant hardware such as smart
cards are used. However, this requires that the user obtains a number of such smart cards, one
for each device in the group, which is cumbersome.

It is therefore preferable that every playback device has its own associated
public/secret key pair, whereby the secret key is securely installed inside the playback device.
This can for instance be done at the factory where the playback device is manufactured. For
added security, the public/secret key pair for the device can be generated by an independent
entity, such as a Certifying Authority (CA), and provided to the factory for installation by the
manufacturer.

The playback device 121 has a registration module 306 which can provide the
public key for registration to a Content Distribution Management System 310 (CDMS),
together with a unique identifier for the playback device. This unique identifier could for
instance comprise a manufacturer number, a type number and a serial number. The
registration can be performed upon the request of the user, or when the playback device 121
is turned on for the first time, or at another suitable moment. Alternatively, the public key can
be registered by the CA upon installation of the key pair by the manufacturer.

As will become apparent below with reference to Fig. 4, the CDMS 310 will
then encrypt the secret key for the group once for each device in the group, using the
registered public key of that device. The encrypted secret keys are then sent in return to the
registration modules of the playback devices, which can decrypt them using their own secret
keys. They then store the secret key in their secure storage modules. From that moment on,
they can decrypt any license file 141 encrypted with the public key of the group by using the
corresponding secret key for the group. By facilitating the distribution of the secret key for
the group in this fashion, it is achieved that at no time the secret key is exposed to a malicious
user, and no playback device can get access to the secret key without having registered. This
makes it possible to e.g. charge the user a higher fee when he wants permission to distribute
the content item 102 to a large group of devices. Further, the number of devices in the group
can be limited in accordance with the wishes of copyright holders.

The playback device 120 can be realized as a computer program product 300
being arranged for causing a processor to execute the steps described above. The computer
program product 300 enables a programmable device when executing said computer program
product to function as the playback device 120. Care should be taken to ensure that the secret
key is not copied to another device, because this would allow the other device to impersonate
the playback device 120, which breaks the possibility to charge a fee for every device on
which the stored content item 111 is to be played.

Fig. 4 schematically shows another embodiment of the arrangement 100,
which illustrates the process of registering groups and devices. The CDMS 310 maintains a
list 402 of groups G1, G2, G3 and the devices D1, ..., D9 in each group. A user can request
the creation of a new group at the CDMS 310. The CDMS 310 then generates a public/secret
key pair for the group. The public key for the group can then be provided on the keyserver
130 for downloading by the receiving device 110. By providing the public key for the group
on the keyserver 130, it becomes possible for one user to securely store content items which
another user can play back. So, for instance, the user can download and store a set of songs
on a storage medium 111 using the public key of a group registered to a friend. He can then
give the storage medium 111 to the friend, e.g. as a present, who can then play it on every
device in his group. By including only the content items he knows his friend will like, and
storing them using his friend's group, the user creates a personalized present.

Once the user has registered a group, he can add playback devices to it. If a
device he wants to add has not yet been registered, the user must register it first so it gets
added to the device list 403, for instance by activating the device's registration module 306.
Upon adding a device to a group, the CDMS 310 encrypts the secret key with the public key
of that device. For example, if the user adds device D6 to group G1, the CDMS 310 encrypts
the secret key of G1 with public key PK6. This encrypted secret key is needed by the
decoding module 302 of device D6. Once the device he wants to add has been registered with
the CDMS 310, he can simply select it from a device list 403 provided by the CDMS 310 and
comprising device identifiers UID1, ..., UID9 and associated public keys PK1, ..., PK9 and
add it to the group.
The user may also remove devices from the list for the group, for example to
make room for new devices when the number of devices in a group is limited by the CDMS
310. This makes it possible that a user takes a device off the list for the group, yet still plays
content intended for that group on that device. This is possible because that device still has
the secret key for that group with which the LLEK can be decrypted, so the license file 141
can be decrypted and the content item 102 can be played. This can be prevented by e.g.
periodically replacing the public/secret key pair for the group and only supplying the new
secret key to devices on the list for the group at that moment. Also, charging a registration
fee for every device that is added or removed from a group, reduces the user's incentive to
frequently manipulate the list for his group.
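The key flow described above, as an added sketch that is not part of the patent text: the CDMS wraps the group secret key under a registered device's public key, the receiving device locks the license under a one-time LLEK wrapped with the group public key, and the group key pair is replaced after a device is taken off the list. This section names no cipher, so the hashed-ElGamal construction, the toy-sized modulus, the license strings and all function names are assumptions chosen to run on the Python standard library alone.

```python
import hashlib, hmac, secrets

P, G = 2**255 - 19, 2   # toy-sized group (assumption), far too small for real use

def keygen():
    sk = secrets.randbelow(P - 3) + 2
    return pow(G, sk, P), sk                      # (public key, secret key)

def _xor(key, data):                              # keystream from a one-time key
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

def sym_seal(key, data):
    ct = _xor(key, data)
    return ct + hmac.new(key, ct, "sha256").digest()

def sym_open(key, blob):                          # None: the key is not suitable
    ct, tag = blob[:-32], blob[-32:]
    ok = hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest())
    return _xor(key, ct) if ok else None

def pk_seal(pk, data):                            # hashed ElGamal, fresh ephemeral key
    eph_pk, r = keygen()
    k = hashlib.sha256(pow(pk, r, P).to_bytes(32, "big")).digest()
    return eph_pk.to_bytes(32, "big") + sym_seal(k, data)

def pk_open(sk, blob):
    shared = pow(int.from_bytes(blob[:32], "big"), sk, P)
    return sym_open(hashlib.sha256(shared.to_bytes(32, "big")).digest(), blob[32:])

def lock(group_pk, license_bytes):                # receiving device: license locking
    llek = secrets.token_bytes(32)
    return pk_seal(group_pk, llek), sym_seal(llek, license_bytes)

def unlock(stored_group_sks, enc_llek, enc_license):   # playback device: decoding
    for llek in (pk_open(gsk, enc_llek) for gsk in stored_group_sks):
        if llek is not None:                      # a stored group key was suitable
            return sym_open(llek, enc_license)
    return None

def deliver(device_pk, device_sk, group_sk):      # CDMS wraps; device unwraps and stores
    wrapped = pk_seal(device_pk, group_sk.to_bytes(32, "big"))
    return int.from_bytes(pk_open(device_sk, wrapped), "big")

def demo():
    (pk6, sk6), (pk7, sk7), (g_pk, g_sk) = keygen(), keygen(), keygen()   # D6, D7, G1
    store6 = [deliver(pk6, sk6, g_sk)]            # D6 is listed and receives G1's secret
    g_pk2, g_sk2 = keygen()                       # D6 removed; CDMS replaces G1's key pair
    store7 = [deliver(pk7, sk7, g_sk2)]           # only listed devices get the new secret
    old, new = lock(g_pk, b"license A"), lock(g_pk2, b"license B")
    return unlock(store6, *old), unlock(store6, *new), unlock(store7, *new)
```

`demo()` returns `(b"license A", None, b"license B")`: the removed device D6 still opens the license written under the old group key, so replacing the key pair only protects licenses locked after the replacement.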

To ensure that the public keys provided by the keyserver 130 are authentic,
they can be certified by a Certifying Authority (CA) before being made available on the
keyserver 130. The receiving device 110 can be provided with a certificate for the CA, so it
can verify the authenticity of the certificates and thereby verify the authenticity of the public
keys of the groups. The certificate or public key for the CA can be loaded into the receiving
device 110 by the manufacturer, or be downloaded from the keyserver 130 when needed.
However, loading the certificate for the CA in the receiving device 130 by the manufacturer
is more secure, since it provides fewer opportunities for malicious users to replace this
certificate.

An additional advantage of storing the content item 102 on the storage
medium 111 in this fashion is that a playback device which is not in the appropriate group
can still access the content item 102 if it obtains a new license file. The content item 102 is,
after all, stored in a secure format which can be accessed with any appropriate license file.
So, a user who has created a storage medium 111 with his favorite music tracks can lend the
storage medium 111 to a friend whose devices are outside the user's group. The friend can
then buy a one-time playback license and access the tracks on the storage medium 111 to find
out what the user likes. If he likes them as well, he could ask the user to be added to his
group, or download the tracks himself. The user can also create a new group, which includes
devices owned by him and by his friend, and then create a new storage medium comprising
the tracks they both like.
1. A receiving device (110) for securely storing a content item (102), comprising

downloading means (201) for downloading the content item (102),

writing means (203) for writing the downloaded content item (102) to a
storage medium (111), and

licensing means (204) for obtaining a license file (141) from a license server
(140), the license file (141) at least comprising a permission to write the downloaded content
item (102) to the storage medium (111), characterized by

license locking means (205) for encrypting the license file (141) with an
encryption key associated with a group (G1, G2, G3) of playback devices, and for providing
the encrypted license file (141) to the writing means (203) for writing the encrypted license
file (141) to the storage medium (111).

2. The receiving device as claimed in claim 1, whereby the license locking means
(205) are arranged for encrypting the license file (141) with a License Locker Encryption
Key (LLEK), encrypting the LLEK with the encryption key associated with the group (G1,
G2, G3) of playback devices, and additionally providing the encrypted LLEK to the writing
means (203) for writing the encrypted LLEK to the storage medium (111).

3. The receiving device (110) as claimed in claim 1, whereby the encryption key
is the public key of a public/secret key pair.

4. The receiving device (110) as claimed in claim 1, wherein the content item
(102) comprises at least one of audio and video data.

5. The receiving device (110) as claimed in claim 1, wherein the license locking
means (205) are further arranged for receiving a selection of an identifier of the group (G1,
G2, G3) and for obtaining the encryption key associated with the selection from a keyserver
(130).
6. A playback device (121) for playing a content item (102) stored on a storage
medium (111), comprising

playback means (305) for playing back the content item (102) in accordance
with a permission in a license file (141) for the content item (102), stored on the storage
medium (111), characterized in that

the license file (141) is stored encrypted on the storage medium (111), and in
that the playback device (121) further comprises

secure storage means (309) for storing one or more decryption keys, each
decryption key being associated with a respective group (G1, G2, G3) of playback devices,

decoding means (302) for checking whether a stored decryption key is suitable
for decrypting the encrypted license file (141), and if so,

decrypting the license file (141) using the stored decryption key and
providing the decrypted license file (141) to the playback means (305).

7. The playback device (121) as claimed in claim 6, whereby the license file
(141) is stored encrypted with a License Locker Encryption Key (LLEK), said LLEK being
stored on the storage medium (111) encrypted with an LLEK encryption key, the one or more
decryption keys are LLEK decryption keys, and the decoding means (302) are arranged for
checking whether a stored LLEK decryption key is suitable for decrypting the encrypted
LLEK, and if so, obtaining the LLEK from the encrypted LLEK using the stored LLEK
decryption key, and decrypting the license file (141) using the LLEK.

8. The playback device (121) as claimed in claim 6, wherein the content item
(102) comprises at least one of audio and video data.

9. The playback device (121) as claimed in claim 6, whereby the stored 
decryption key is the secret key of a public/secret key pair. 

10. The playback device (121) as claimed in claim 6, further comprising
registration means (306) for registering a public key of a public/secret key pair associated
with the playback device (121) at a Content Distribution Management System (CDMS)
(310), the secret key of said public/secret key pair being stored in the secure storage means
(309), and for receiving a decryption key associated with a group (G1, G2, G3) of playback
devices encrypted with said public key, decrypting said encrypted decryption key and storing
said decryption key in the secure storage means (309).

11. A computer program product (200) for enabling a programmable device when
executing said computer program product to function as a receiving device (110), comprising

downloading means (201) for downloading the content item (102),

writing means (203) for writing the downloaded content item (102) to a
storage medium (111), and

licensing means (204) for obtaining a license file (141) from a license server
(140), the license file (141) at least comprising a permission to write the downloaded content
item (102) to the storage medium (111), characterized by

license locking means (205) for encrypting the license file (141) with an
encryption key associated with a group (G1, G2, G3) of playback devices, and for providing
the encrypted license file (141) to the writing means (203) for writing the encrypted license
file (141) to the storage medium (111).

12. A computer program product (300) for enabling a programmable device when
executing said computer program product to function as a playback device (121), comprising

playback means (305) for playing back the content item (102) in accordance
with a permission in a license file (141) for the content item (102), stored on the storage
medium (111), characterized in that

the license file (141) is stored encrypted on the storage medium (111), and in
that the computer program product further comprises

decoding means (302) for checking whether a stored decryption key is suitable
for decrypting the encrypted license file (141), and if so,

decrypting the license file (141) using the stored decryption key and
providing the decrypted license file (141) to the playback means (305).